home

setup.exe

The application setup.exe has been detected as a potentially unwanted program by 11 anti-malware scanners.
Version:
1.0.1.6

MD5:
1c3f82759b2c1868fe8dfda3f4cee18c

SHA-1:
8c87d92c2de660e6e7a3873ccfb04505e9abe605

SHA-256:
80f889f9fe0fa740de8c8d9141d383bfb46056d6da33ecd93b1f49558e03f7b9

Scanner detections:
11 / 68

Status:
Potentially unwanted

Explanation:
Uses the DomainIQ download manager to bundle additional potentially unwanted software without adequate consent.

Analysis date:
4/25/2024 10:07:00 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/DomaIQ.Gen
7.11.123.22

avast!
Win32:DomaIQ-AI [PUP]
2014.9-140418

Bkav FE
W32.Clod405.Trojan
1.3.0.4613

ESET NOD32
Win32/DomaIQ.AI (variant)
8.9242

K7 AntiVirus
Trojan
13.174.10720

Malwarebytes
Adware.DomaIQ
v2014.04.18.02

McAfee
Artemis!1C3F82759B2C
5600.7156

Norman
Obfuscated.gen!r
11.20140418

Sophos
DomainIQ pay-per install
4.96

Trend Micro House Call
TROJ_GEN.F47V0628
7.2.108

VIPRE Antivirus
DomaIQ
25016

File size:
381.5 KB (390,656 bytes)

Product version:
1.0.1.6

Original file name:
DomaIQ.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\setup.exe\setup.exe

File PE Metadata
Compilation timestamp:
6/27/2013 4:49:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:mAg56U+VHymhTsRhTZ9Dtw8JKx7sdX0iYhRK4cHJb2UWeAkK5yw206:IO9ymhTsRj9BgxYZYzbKA+w2r

Entry address:
0x5AC0E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5898

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
355.5 KB (364,032 bytes)

Remove setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.